v
How to Build Cybersecurity Awareness
“There are risks and costs to a program of action—but they are far less than the long range cost of comfortable inaction.” –John F. Kennedy
Weakest Link OR First Line of Defense? 95% of Breaches are due to Human Error‌ so let’s do something about that!
Top Down Leadership should lead
Kick it Off Make the Annual Training a “Special Event� Food association is a powerful subconscious motivator Prizes (Gift Cards) Gamification is the application of game-design elements and game principles in non-game contexts
Emphasize Benefits Protecting Clients data Protecting Company Proprietary data and resources Protecting Individual employees, even at home
No Fault Policy Eliminate “Blame Culture� Use incident as Training Opportunity Require retraining if needed
Don’t Stop Cybersecurity Training should be ongoing Company Newsletter Tips Celebrate “Good Catches” Staff Meetings New staff orientation Annual training requirement
Summary Build a Cybersecurity Aware Staff from the Top Down Make it fun and engaging Eliminate the Blame Game Keep it Going
Questions / Discussion What has worked for you? Do you Test your staff? Do you do phishing tests? Do you discipline staff?